Irregular Expressions

If you could do something this year that I think would have the most impact for your users especially if you are a company that offers services requiring web authentication. Two factor authentication will have a dramatic effect on your posture. I am not saying that it is new, but I think it is coming to the point that it should be the norm. If it is some sort of device with a rolling number, token or even some sort of one time pad.

Something this size I think is an excellent choice. Just have it on your key chain, pop it in the USB port like a car key and be logged in to your web services. Something you know, your password and something you have, your usb key. There is still multiple ways that you can attack a system like this to do some bad, like piggy backing on the already authenticated session to do what you need like transferring money out of an account. This still would make standard key loggers pretty much useless in stealing data alone.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States.
Privacy

Processing your reply...

There was an error processing your information. Please try again later.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States.
Privacy

Processing your reply...

About This Blog

A blog for system administrator and managers looking for explanations of vulnerabilities and exploits, with special attention paid to virtualization tips and tricks. Irregular Expressions will go into detail explaining the why and how of vulnerabilities and accompanying exploits.